EXPERTS warn that hackers are using YouTube to spread malware.
Cybersecurity company Kaspersky has discovered a Trojan called RedLine, which can often be found on YouTube.
The Trojan steals personal and financial information from infected devices.
HOW DOES IT WORK?
Cybercriminals spread RedLine under the guise of game cheats.
Kaspersky described the attack in a blog post: “Attackers are posting videos on YouTube claiming to use cheats in popular online games like Rust, FIFA 22, DayZ, and a few dozen more.”
“The videos look pretty convincing and lead to actions that gamers who are no strangers to cheating are quite used to.”
In particular, viewers are told to follow a link in the description to download an archive and then run it.
If the download fails, video creators instruct users to turn off Windows SmartScreen.
SmartScreen is a tool that protects Microsoft Edge users from phishing and malicious websites.
“For some reason, however, it unkindly fails to mention that this will result in a whole package of malware being installed on the user’s computer at once,” noted Kaspersky.
Once the user unknowingly downloads RedLine, the Trojan steals valuable information stored on the computer, starting with passwords saved in the browser.
In addition, the Trojan can execute commands on the computer and mine cryptocurrencies.
“RedLine comes with a cryptocurrency miner that can be deployed on the victim’s computer,” Kaspersky explained.
“Gaming computers are a logical target for cybercriminals in this regard, as they usually have powerful GPUs that are very useful for cryptocurrency mining,” the company continued.
HOW TO STAY SAFE
“We really should start with the obvious: don’t download cheats,” Kaspersky said.
“Besides being unethical, it’s just not safe. Cheats violate the user agreement with the game developer, which means they automatically occupy a gray area,” the company added.
Additionally, cheats are never distributed through secure official channels.
Therefore, downloading something from unverified sources increases the chances of installing malware.
In addition, Kaspersky recommends enabling two-factor authentication.
Also, users should never disable protection features, including browser filtering and an appropriate security solution.